Date: Wed, 28 Feb 2018 12:51:15 +0100 From: Harry Schmalzbauer <freebsd@omnilan.de> To: Vincent Hoffman-Kazlauskas <vince@unsane.co.uk> Cc: freebsd-virtualization@freebsd.org Subject: Re: superfluous host interfaces Message-ID: <5A9697B3.5050200@omnilan.de> In-Reply-To: <e8ffef13-4616-c063-e3a9-dd3361bff78d@unsane.co.uk> References: <20180225131401.GA3138@v007.zyxst.net> <5A93CEB6.1080406@omnilan.de> <a0ccbf77-ec23-127c-0529-ddb05dc689e3@osfux.nl> <5A93D9D0.4090804@omnilan.de> <54f9019e-6e86-8e10-32d7-9f14d159bb0a@osfux.nl> <5A93F9DE.9090908@omnilan.de> <5A94F730.7040009@redbarn.org> <5A95140E.8030909@omnilan.de> <e8ffef13-4616-c063-e3a9-dd3361bff78d@unsane.co.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
Bezüglich Vincent Hoffman-Kazlauskas's Nachricht vom 27.02.2018 21:09 (localtime): > > On 27/02/2018 08:17, Harry Schmalzbauer wrote: >> Bezüglich Paul Vixie's Nachricht vom 27.02.2018 07:14 (localtime): >>> >>> Harry Schmalzbauer wrote: >>>> Bezüglich Ruben's Nachricht vom 26.02.2018 11:34 (localtime): … >> If you have only one "LAN" sharing all VMs, the one additional interface >> is neglectable. >> But my setups are different. >> I have almost as many different 802.11q separated ethernet collsion >> domains (VLANs) as VMs. >> That's what ESXi's portgroup is used for. I need a separate switch for >> each VLAN (guests mustn't be able to sniff traffic etc.). >> > Untested by me with bhyve but it looks like net/openvswitch > (http://www.openvswitch.org/) could be useful to you. As I say though > untested by me so cant speak for performance etc. I made a local OVS port which incorporated netmap support, but I was told that OVS lost attraction for the netmap team, when I tried to solve some problems, since netmap patches from upstream were highly linux specific and considered obsolete. Intel contributed some DPDK resources, which look interesting (and seem to perform great on linux). But OVS itself would need more resources to get better support on FreeBSD and additionally a huge ammount of resources to get DPDK|netmap enabled. In 10GE days, OVS without netmap|DPDK doesn't make much sense imho. We have netmap/vale(4), which could be extenden to cover a small subset of OVS feature, with porbably moderate ammount of resources. So in my opinion, for those using bhyve(4) as slim hypervisor, the not very slim OVS doesn't fit well overall, especially due to perfomance constraints. A portgroup/vlan filter+manager on top of vale(4) was a much better companion for bhyve(4). I'll start immediately when retireing (learing to use whatever debugger will be arround then...) ;-) -harry
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5A9697B3.5050200>